package com.javaenzk.wfx.manager.configs;

import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;

@Configuration
public class AppConfiguration {


    @Bean
    public DefaultWebSecurityManager provideSecurityManager(AccountRelam accountRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(accountRealm);
        return securityManager;

    }


    @Bean
    public ShiroFilterFactoryBean provideShiroFilter(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        //拦截规则
        //特点：有序
        LinkedHashMap<String, String> linkedHashMap = new LinkedHashMap<>();

        //配置默认的登录页面(如果需要登录的功能被拦截会自动跳转到登录页面)
        shiroFilterFactoryBean.setLoginUrl("/page/login.html");

        //anon 不需要进行登录认证和权限拦截
        linkedHashMap.put("/page/login.html","anon");
        linkedHashMap.put("/user/login","anon");
        linkedHashMap.put("/js/**","anon");
        linkedHashMap.put("/css/**","anon");
        //所有页面必须登录之后才能访问，authc表示需要登录
        linkedHashMap.put("/**","authc");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);

        return shiroFilterFactoryBean;
    }

    /**
     * shiro注解生效相关配置
     * @return
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator provideDefaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator autoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        return autoProxyCreator;
    }


    /**
     * shiro注解生效相关配置
     * @param securityManager
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor provideAuthorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor sourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        sourceAdvisor.setSecurityManager(securityManager);
        return sourceAdvisor;
    }

}
